885
edits
Changes
add docs for svcCallSecureMonitor.
|-
|-
| 0x35 || [4.0.0+] svcSignalToAddress || X0=ptr, W1=[[#SignalType]], X2=value W3=num_to_signal ||
| 0x35 || [4.0.0+] svcSignalToAddress || X0=ptr, W1=[[#SignalType]], X2=value W3=num_to_signal ||
|-
| 0x36 || [8.0.0+] svcSynchronizePreemptionState || None || W0=result
|- style="border-top: double"
|- style="border-top: double"
| 0x3C || [[#svcDumpInfo]] || ||
| 0x3C || [[#svcDumpInfo]] || ||
| 0x7E || svcSetResourceLimitLimitValue || W0=reslimit_handle, W1=[[#LimitableResource]], X2=value || W0=result
| 0x7E || svcSetResourceLimitLimitValue || W0=reslimit_handle, W1=[[#LimitableResource]], X2=value || W0=result
|-
|-
| 0x7F || svcCallSecureMonitor || X0=smc_sub_id, X1,X2,X3,X4,X5,X6,X7=smc_args || X0,X1,X2,X3,X4,X5,X6,X7=result
| 0x7F || [[#svcCallSecureMonitor]] || X0=smc_sub_id, X1,X2,X3,X4,X5,X6,X7=smc_args || X0,X1,X2,X3,X4,X5,X6,X7=result
|}
|}
'''0xe401:''' Invalid debug handle.
'''0xe401:''' Invalid debug handle.
'''0xf401:''' Process has debug events queued.
'''0xf401:''' Process has debug events queued or is already running.
== svcGetSystemInfo ==
== svcGetSystemInfo ==
Returns an enum with value 0-7.
Returns an enum with value 0-7.
== svcCallSecureMonitor ==
<div style="display: inline-block;">
{| class="wikitable" border="1"
|-
! Argument || Type || Name
|-
| (In) X0 || u64 || [[SMC#ID_0|Function ID]]
|-
| (In) X1-X7 || u64 || SMC sub-arguments
|-
| (Out) X0 || [[SMC#Errors|SMC Result]] || Result of SMC
|-
| (Out) X1-X7 || u64 || SMC sub-output
|}
</div>
Takes in a SMC function ID in X0, and arguments for that SMC function in X1-X7.
Passing an invalid SMC function ID or calling from a core other than core 3 will result in a secure monitor panic.
The kernel parses bits 9-15 in the passed SMC function ID (per the ARM SMC calling convention), and when set uses as an indicator to translate a pointer in the associated register (X1-X7) to a physical address. The kernel will translate any address mapped as R-W, other addresses (R--, R-X, or invalid pointers) will be translated as 0/NULL.
Output is returned raw from the Secure Monitor; X0 will be the untranslated SMC result and X1-X7 will contain other SMC output (or be unchanged, depending on the SMC).
== Debugging ==
== Debugging ==
= Enum/Structures =
= Enum/Structures =
== ThreadContextRequestFlags ==
== ThreadContextFlags ==
Bitfield of one of more of these:
Bitfield of one of more of these:
{| class=wikitable
{| class=wikitable
! Bit || Bitmask || Name
! Bit || Bitmask || Name || Description
|-
|-
| 0 || 1 || NormalContext
| 0 || 1 || General-purpose registers || If in 64-bit mode, GPRs 0–28 will be read/written. If in 32-bit mode, GPRs 0–12 will be read/written.
|-
|-
| 1 || 2 ||
| 1 || 2 || Control registers || Reads/writes the FP, LR, PC, SP, PSTATE, and TPIDR registers.
|-
|-
| 2 || 4 ||
| 2 || 4 || Floating-point registers || Reads/writes the floating-point vector registers.
|-
|-
| 3 || 8 ||
| 3 || 8 || Floating-point control registers || Reads/writes the FPCR and FPSR registers.
|}
|}
== DeviceName ==
== DeviceName ==
On [5.0.0] (maybe lower?) a zero ResourceLimitHandle defaults to sysmodule limits and 0x12300000 bytes of memory.
On [5.0.0] (maybe lower?) a zero ResourceLimitHandle defaults to sysmodule limits and 0x12300000 bytes of memory.
The PersonalMmHeap are allocated as follows:
* For the application, normal insecure pool is used. Carveout 5 is used to provide protection.
* For the applet, a pre-allocated secure pool segment of size 0x400000 is used.
* For sysmodules, secure pool is allocated.
=== AddressSpaceType ===
=== AddressSpaceType ===
| 0 || IsBorrowed
| 0 || IsBorrowed
|-
|-
| 1 || IsIpcMapped: when IpcRefCount > 0.
| 1 || IsIpcLocked (when IpcRefCount > 0)
|-
|-
| 2 || IsDeviceMapped: when DeviceRefCount > 0.
| 2 || IsDeviceShared (when DeviceRefCount > 0)
|-
|-
| 3 || IsUncached
| 3 || IsUncached
| 9 || ForceReadWritableByDebugSyscalls
| 9 || ForceReadWritableByDebugSyscalls
|-
|-
| 10 || IpcSendAllowed_Type0
| 10 || IpcSendAllowed
|-
|-
| 11 || IpcSendAllowed_Type3
| 11 || NonDeviceIpcSendAllowed
|-
|-
| 12 || IpcSendAllowed_Type1
| 12 || NonSecureIpcSendAllowed
|-
|-
| 14 || [[#svcSetProcessMemoryPermission|ProcessPermissionChangeAllowed]]
| 14 || [[#svcSetProcessMemoryPermission|ProcessPermissionChangeAllowed]]
|| MemoryType_ModuleCodeMutable || Transition from 0xDD7E08 performed by [[#svcSetProcessMemoryPermission]].
|| MemoryType_ModuleCodeMutable || Transition from 0xDD7E08 performed by [[#svcSetProcessMemoryPermission]].
|-
|-
| 0x005C3C0A || [[IPC_Marshalling|MemoryType_IpcBuffer0]] || IPC buffers with descriptor flags=0.
| 0x005C3C0A || [[IPC_Marshalling|MemoryType_Ipc]] || IPC buffers with descriptor flags=0.
|-
|-
| 0x005C3C0B || MemoryType_Stack || Mapped using [[#svcMapMemory]].
| 0x005C3C0B || MemoryType_Stack || Mapped using [[#svcMapMemory]].
| 0x00000010 || MemoryType_Reserved ||
| 0x00000010 || MemoryType_Reserved ||
|-
|-
| 0x005C3811 || [[IPC_Marshalling|MemoryType_IpcBuffer1]] || IPC buffers with descriptor flags=1.
| 0x005C3811 || [[IPC_Marshalling|MemoryType_NonSecureIpc]] || IPC buffers with descriptor flags=1.
|-
|-
| 0x004C2812 || [[IPC_Marshalling|MemoryType_IpcBuffer3]] || IPC buffers with descriptor flags=3.
| 0x004C2812 || [[IPC_Marshalling|MemoryType_NonDeviceIpc]] || IPC buffers with descriptor flags=3.
|-
|-
| 0x00002013 || MemoryType_KernelStack || Mapped in kernel during [[#svcCreateThread]].
| 0x00002013 || MemoryType_KernelStack || Mapped in kernel during [[#svcCreateThread]].